* Posts by Ken Moorhouse

944 posts • joined 26 Jul 2007

Page:

IBM broke its cloud by letting three domain names expire

Ken Moorhouse
Silver badge

Re: domains may be registered up to 10 years

Maybe that's what they did, ten years' ago. But understandably they didn't have a 2017 diary on hand at the time to put the reminder in to renew it.

10
0

IT resellers, this is your future: Shifting driverless cars within 5 years

Ken Moorhouse
Silver badge

Gives new meaning to the words... (#2)

Drive Compression

0
0

Microsoft concedes to Mozilla: Redmond will point web API docs at Moz Dev Network

Ken Moorhouse
Silver badge

Re: Due to the clouds and haze...

Just idly pondering whether there's a subtext hidden in your post (upvoted, incidentally).

0
0

Stealth web crypto-cash miner Coin Hive back to the drawing board as blockers move in

Ken Moorhouse
Silver badge

First Come First Served

Let's say you went into two separate sites that used the same miner. Coin Hive would be best off allowing only the first active miner to be enabled, otherwise performance would plummet.

Sound reasonable? Consider the response of some dubious sites to that: try and get that first mining page closed down so that they can take the reins. If that were possible then expect your session with the primary site to be cut off without warning.

0
0

BlackBerry Motion lurches into UK stores

Ken Moorhouse
Silver badge

I was in my local EE shop the other week...

My phone rang and, on getting it out of my pocket, the bloke serving me called all the other staff in the shop to "come and have a look at this guy's phone." I never thought that owning a Blackberry Passport would ever cause such a stir. Now if only I could use WhatsApp and a couple of other apps on it it really would be perfect... Does the Motion correct these deficiencies?

2
0

Ex-TalkTalk chief grilled by MPs on suitability to chair NHS Improvement

Ken Moorhouse
Silver badge

Hello is that Mr Smith?

This is your Doctor speaking. It seems that you might have picked up an infection. Can you please cough into the mouthpiece please? Very good. Hmm yes, it would seem that your ticker needs an overhaul. Login to this website please and enter your credit card details...

0
0

Programming bootcamp compiles $375,000 check after triggering New York AG's error handlers

Ken Moorhouse
Silver badge

Alternative sequence of events...

Schneiderman asked Flatiron why they were still teaching Flowcharts. Flatiron told Schneiderman to goto...

1
0

Windows Fall Creators Update is here: What do you want first – bad news or good news?

Ken Moorhouse
Silver badge

Re: Just had Nan on the phone...and she...

I thought you were referring to Patrick McGoohan there, until you used the word "she"....

1
0

Crypto-coin miners caught toiling away in hacked cloud boxes

Ken Moorhouse
Silver badge

215 kWH

I wonder if Cloud vendors have factored the above into their prices.

A bit like things like tethering, when such "unintended usages" surface the Service affected hit back by invoking their safety net Acceptable Usage Policy (1) throttling or curtailing or (2) charging an excess for the usage not deemed acceptable.

Will this happen in this case?

0
0

Symantec's guzzled the Azure Kool-Aid, tells all its customers: Drink up!

Ken Moorhouse
Silver badge

Re: Another one bites the dust...

Ok, let's deal with the bullet points:-

>Too large an attack surface and too much territory to defend

I cannot think of a bigger "attack surface" than the cloud.

>Lack of realistic training and regular, intense, high-performance testing of defenses

One of the reasons why there are so many cloud oopsies is because people are not trained in how to handle cloud security. One of the so-called advantages of the cloud is that you can shed a lot of technical staff. These are the people best placed to advise people on how cloud security works.

>Compartmentalized leadership that doesn't see the big picture or lead from the front

If you remove technical people from your boardroom mix then you may still have leadership, but you don't have the wheels with which to propel the vehicle forward. You still need the garage with the guy wielding the spanner.

>No allies, thereby trying to do everything yourself against a more powerful enemy who can cheaply automate their attacks

I wouldn't regard any cloud provider as an "ally". Because they are trying to maximise their economic returns, this means that low volume communications are frowned upon as they adversely affect the bottom line, so don't expect personalised attention. What I suspect will happen here is that a new breed of consultants will spring up, getting you to pay them for dealing with the administrative headaches you are having, such as liaising with the cloud company because you can't log in to your account, which techies of my generation will gladly dispense with as not being their core competency.

>Too little weapon's system automation relative to the enemy's ability to automate

If you want to be a sheep, be a sheep. What is your USP (Unique Selling Point)? "My" USP is that I passionately believe in On-Premises still, and those companies that are sceptical about The Cloud should come and have a chat with "me", at their premises, naturally. (Inverted commas because I am speaking for all of my peers here - a lot of them to be found on ElReg, if I'm not mistaken). Your USP? It is probably along the lines of wishing to stand out from The Cloud... oh, sorry, I meant The Crowd.

9
2

Equifax's malvertising scare, Chromebook TPM RSA key panic, Cuban embassy sonic weapon heard at last – and more

Ken Moorhouse
Silver badge

unpublished web page

Some courier companies used to use this technique. If the tracking number looks like it might be a sequential number, rather than a hashed value, incrementing or decrementing by one would often give details of someone else's delivery (I kid you not). They didn't even use a checksum to guard against legitimate typos. One one would hope that this kind of thing is a thing of the past.

5
0
Ken Moorhouse
Silver badge

This sound may break your brain

Could one explanation be some kind of Point-to-Point communications link?

1
0

Pulitzer-winning website Politifact hacked to mine crypto-coins in browsers

Ken Moorhouse
Silver badge

Gives new meaning to the words...

...cached content

8
0

More and more websites are mining crypto-coins in your browser to pay their bills, line pockets

Ken Moorhouse
Silver badge

Re: Using the GPU... turning off that feature ... my memory is vague.

Maybe you tinkered with the RAM settings too.

6
0
Ken Moorhouse
Silver badge

Re: This post is a work of satire and should not be taken seriously

I have a feeling that you might remember the days of the Miners Strikes, do you?

Well this is a different type of Miner, and a different kind of Strike.

12
0
Ken Moorhouse
Silver badge

Declaration of use

Ethically I feel that sites using this concept have a duty to declare that user's CPU power is being siphoned off in this way. What happens if you leave your browser on a page that does mining, will the page force keep-alive to continue mining? If your connection is metered then effectively you've just poured your money into the miner's coffers.

You're also going to get the situation where several mining operations will be taking place at the same time, which will kill normal work. Miner's will do well to enforce a "one browser, one mining session" limit before they attract bad publicity.

3
0

It's Patch Blues-day: Bad October Windows updates trigger BSODs

Ken Moorhouse
Silver badge

"So these updates come with some extra homework."

Now where have I heard that phrase before?

To which Wensleydale should reply...

3
0

Dumb bug of the week: Outlook staples your encrypted emails to, er, plaintext copies when sending messages

Ken Moorhouse
Silver badge

Re: Hire my dad.

If your dad also goes by the name allthecoolshortnamesweretaken then I would imagine he has uncovered quite a few buffer overflows in his time.

4
0
Ken Moorhouse
Silver badge

it was for validating that the original email was unchanged.

Surely that could have been done including an MD5 hash of the original email, instead of including it verbatim?

0
0

Whose drone is that? DJI unveils UAV traffic tracking system

Ken Moorhouse
Silver badge

Abuse of Registration

I don't see any way to stop false registrations being fed into a drone. Even if you work on the idea that only drones used for "official" purposes e.g., policing had proper registered data in them - anything else can be forcibly grounded, there is the problem that retail buyers will find ways to put false registration details in which have been leaked from official lists.

0
0

Outlook, Office 2007 slowly taken behind the shed, shots heard

Ken Moorhouse
Silver badge

Re: true power of the keyboard shortcut

Assuming consistency between versions. The comment previous to yours (Red Bren) sheds some doubt on that point. Taking the whole idea one step further: that was something WordPerfect did to perfection. All we need now is for MS Word to implement Reveal Codes* (Alt F3) and we will have gone full circle.

*The full implementation, that is.

0
0
Ken Moorhouse
Silver badge

Like a worm on a hook

I have saved all my ribbons for thee

2
1
Ken Moorhouse
Silver badge

Re: The clue's in the name - 2007

So.... Windows 10...

Are we talking Current Epoch?

2
0

'Israel hacked Kaspersky and caught Russian spies using AV tool to harvest NSA exploits'

Ken Moorhouse
Silver badge

"Ah, you found our honeypot then"

I wonder if we will be hearing this phrase frequently in the future.

3
0

It's 2017... And Windows PCs can be pwned via DNS, webpages, Office docs, fonts – and some TPM keys are fscked too

Ken Moorhouse
Silver badge

force regeneration of previously created weak TPM keys

So these updates come with some extra homework.

4
0

Footie ballsup: Petition kicks off to fix 'geometrically impossible' street signs

Ken Moorhouse
Silver badge

I remember this controversy...

...when they changed to the current road signs:-

http://i.telegraph.co.uk/multimedia/archive/02692/Slippery-Road-sign_2692800c.jpg

0
0

Before you head into Office 365, pull on this cosy Cloud Archive

Ken Moorhouse
Silver badge

Hosted solely in the UK?

Otherwise, would it meet GDPR obligations?

2
0

Frustrated Britons struggle to locate their packages: Royal Mail tracker smacked

Ken Moorhouse
Silver badge

Re: endless succession of captchas

Yes, I agree that some guidance would be helpful.

I wonder if they give one of these as an intelligence test for prospective "service delivery staff".

Click the BUILDINGS that you see in the picture.

Click the DOORS you see in the picture.

Click the LETTERBOXES you see in the picture.

OK you've got the job.

(Apologies for the cynicism. On one occasion the reason given for non-delivery by Shitty Link was that "there was nobody at the loading bay to sign for the package." Nope, no loading bay where my office was.)

3
0

New coding language Fetlang's syntax designed to read like 'poorly written erotica'

Ken Moorhouse
Silver badge

COSMAC

How about this for a target system for the language?

Appropriately the architecture required a lot of self-discipline to get the best from it. IIRC there were two assemblers, one where the full versatility of registers, etc. could be used, then another which effectively nominated registers for specific purposes.

Historic Note: We were thinking about using the 1802 for train-borne equipment on the Underground due to its low current consumption and higher tolerance to electrical noise and voltage fluctuations, but to my knowledge nothing came of it.

0
0
Ken Moorhouse
Silver badge

I can see the attraction...

...if you write bad code and put it into production - when people who've bought your software complain bitterly then the resulting humiliation [presumably*] aims to give lasting fulfillment to the author.

* I am guessing here.

3
0

It's 4PM on Friday, almost time to log off and, oh look, Disqus says it's been hacked

Ken Moorhouse
Silver badge
Thumb Up

Re: to enable Javascript.

My turn to say "Nice one Doc".

1
0

In current affairs news: Teen boffin with lots of potential crafts electric honeycombs out of oil

Ken Moorhouse
Silver badge

...current... ...potential...

You couldn't resist that could you?

0
0

HPE server firmware update permanently bricks network adapters

Ken Moorhouse
Silver badge

Re: It should not be possible to be able to do this.

The point I was making here was not so much that updating to an incompatible overall configuration should not be possible, more I was making the point that anyone can rewrite the firmware to do whatever they wanted. OK a rogue techie could do that if they had access to the NIC jumpers (in the olden days), but a typical corporate with concerns about security should really have tamper seals and/or locks on system units.

Sysadmins concerned about rogue NIC's would have to be able to perform MD5 hashes on NIC card firmware for all pc's and have a utility to lockout NIC's with unauthorised MD5 hashes. Just changing the NIC to, for instance, fool around with ARP would be pretty devastating if programmed in, particularly if the lockout method relied on ARP to do its job.

1
0
Ken Moorhouse
Silver badge

The good news...

...is that if you were wanting to DDOS a company that was using this equipment, your life got a whole lot simpler.

Subtext: It should not be possible to be able to do this. (In the old days I seem to remember that you would have a jumper on the PCB to prevent such mischief).

2
0

Azure fell over for 7 hours in Europe because someone accidentally set off the fire extinguishers

Ken Moorhouse
Silver badge

Re: our service would probably have switched over to another geo.

Probably? Not a certainty then.

The other point is whether your data had been replicated to that other geo. How can you guarantee that the data you are now looking at through that different conduit is current? And how would you know for certain that it is up to date?

Replication was I believe one of the issues with Lotus Notes. Have lessons been learned?

1
2
Ken Moorhouse
Silver badge

Re: Achmed's Kebab Shop in Kentish Town

The more I think about Achmed's Kebab Shop in Kentish Town, the more I think we're all being fooled.

Not only does Achmed help serve up BT's local OpenZone service (if the shop uses a BT HomeHub), but if the business owner's pc has BitTorrent installed then there is a possibility he is a contributor to a film you may be watching (I'm sure I read somewhere that Microsoft are using BitTorrent techniques to serve up updates since the advent of W10). How do we know that Azure/AWS does not "sub-contract" in a similar way? AFAIK there is no agreement between BT and Achmed as to whether BT can use Achmed's Broadband connection for providing BT's Public WiFi service - BT being a big company y'know. Plus (I'm sure I've said this before), do Azure rent capacity from AWS and vice versa?

1
1
Ken Moorhouse
Silver badge

Re: Strangely none of them went down.

That's because they were located at the back of Achmed's Kebab Shop in Kentish Town

(How would you know other than doing some low-level packet tracing, and other detective work? It's a bit like Bit Torrent)

3
2
Ken Moorhouse
Silver badge

This was a Microsoft training exercise...

Altogether now:-

Embrace (cut that out you two at the back)

Extend (I wanna see those pierced navels)

Extinguish (noooo not with one of those...)

27
3

From slow batches to fast files, how Microsoft is luring folks into Azure

Ken Moorhouse
Silver badge

Re: But then comes downtime.

Do a Risk Analysis comparison between on-prem and cloud. Simplest example: A company with one pc. Extrapolate how you wish. All risks are "in series" ie., one link fails, everything fails.

On-prem risks: pc hardware failure, malware. (Hardware maintenance can be scheduled, so less of a risk).

Cloud risks: Outage at cloud provider, Administrative problems at Cloud (preventing login - is account-holder around to verify credentials?), telephone outage (impacting on broadband), broadband outage (in its own right), hacker issues (e.g., DDOS), hardware problem with router, problem with LAN cabling, pc hardware failure, malware.

EDIT: Some may say that Multiple Points of Presence dilute Risk. Yes, in some cases. But it all depends on whether your data has been successfully replicated to other points of presence. You may be accessing out of date data. This is where those who think that Cloud is a solution for non-techies need to review things... with their techies.

2
1

SanDisk man tipped off his family to Fusion-io fusion, bagged $220k in share snatch – says SEC

Ken Moorhouse
Silver badge

Re: Daytraders suck.

Daytraders - correct me if I am wrong - are buying and selling stocks/shares in a *legitimate* way, with the implied aim of closing their position by the end of a trading period. There is nothing wrong with this.

7
0
Ken Moorhouse
Silver badge

Anand and Ananda and Ananda...

It was allegedly a grammatically coordinated fraud.

8
0

IKEA flat-packs TaskRabbit to crack assembly code

Ken Moorhouse
Silver badge

Did you know that politicians are forbidden to buy IKEA furniture?

One loose screw and the whole cabinet falls apart.

0
0

US yanks staff from Cuban embassy over sonic death ray fears

Ken Moorhouse
Silver badge

Ry Cooder will sort out the problem...

...round up a few musicians. Play a few songs... everyone's happy... even got some endorsement from the POTUS at the time (see the sleeve notes for Buena Vista).

https://www.youtube.com/watch?v=JNYOVEXJBBM

0
0

Guntree v Gumtree: Nominet orders gun ads site must lose domain

Ken Moorhouse
Silver badge

Re: anybody remember

Will Cadburys be tempted to bring out "Gums n Roses", with the strapline "for the sweet child of mine".

6
0
Ken Moorhouse
Silver badge

so is this a poplar decision?

It was a fir decision.

11
0

Ouch: Brit council still staggering weeks after ransomware bit its PCs

Ken Moorhouse
Silver badge

Councillors...

...are considering the idea put forward that Flounderland has a certain ring to it.

2
0

Dogs fall ill after eating shop's chocolate freebie

Ken Moorhouse
Silver badge

Dogs fall ill after eating shop's chocolate freebie

http://www.bbc.co.uk/news/uk-41411781

A Sainsbury's spokesperson said

"We know chocolate is unsafe for pets to eat and that's why we had measures in place to safeguard against pet owners receiving this promotion," they added.

Hmmm. This is 1+1=3 in their DataWarehouse IMHO. How do they know whether Sainsburys Customers are pet owners or not?

My guess is that they used Nectar Card (their loyalty card) history to work out if you've buying dog food with it. If you haven't then they assume you don't have a dog.

1
0

My name is Bill Gates and I am an Android user

Ken Moorhouse
Silver badge

Re: at least when someone sees something different from what I do,

I'm glad you added that bit. Sounds like that well-worn phrase "Nobody got fired for [in this case] using MS Office."

I'm sure I've posted on here before about format inconsistencies between versions of MSOffice.

1
0

Page:

Forums

Biting the hand that feeds IT © 1998–2017